Commit graph

15275 commits

Author SHA1 Message Date
David Brown
dcdde59c6f tests: psa: Change Elliptic curve defines to PSA names
Now that PSA crypto config supports the new PSA_WANT_ECC_xxx defines,
change the psa-specific test suites to use these new names.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-03-10 13:19:45 -07:00
David Brown
c7b9b2b6d6 Update defines for ECC PSA configs
Use the names as described in
`docs/proposed/psa-conditional-inclusion-c.md which use a transform
like: SECP256R1 -> SECP_R1_256.  The CURVE25519 and CURVE448 become
MONTGOMERY_255 and MONTGOMERY_448.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-03-10 13:19:13 -07:00
David Brown
20a8c4305a Define PSA_WANT definitions for all ECC curves
Mirror the default non-PSA configuration by enabling all supported ECC
curves.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-03-10 13:19:13 -07:00
David Brown
8de143e72d Create PSA configs for ECC curves
For each curve defined MBEDTLS_ECP_DP_xxx_ENABLED, we have a
corrsponding PSA config define PSA_WANT_ECC_xxx.  Along with that is a
value MBEDTLS_PSA_ACCEL_ECC_xxx which can be used to allow HW
acceleration of that particular curve.

If the PSA config requests an unaccelerated curve, the corresponding
MBEDTLS_PSA_BUILTIN_ECC_xxx will also be defined.

This commit defines these for all curves currently defined, with the
defines working in either direction, depending on whether
MBEDTLS_PSA_CRYPTO_CONFIG is defined.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-03-10 13:19:13 -07:00
Paul Elliott
b744990717 Fix missed size_t printf
Code was missed due to rework moving duplicated code into a function

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 18:17:12 +00:00
Paul Elliott
9907e2c334 Improve wording of ChangeLog entry
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:14:10 +00:00
Paul Elliott
aa5e132df7 Improve include guards for format attribute
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
61d2209e42 Fix missed invalid specifier in PSA Crypto build
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
48438c758a Fix incorrect long long specifier for win64
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
d48d5c6615 Fix size_t and longlong specifiers for MinGW
MinGW and older windows compilers cannot cope with %zu or %lld (there is
a workaround for MinGW, but it involves linking more code, there is no
workaround for Windows compilers prior to 2013). Attempt to work around
this by defining printf specifiers for size_t per platform for the
compilers that cannot use the C99 specifiers.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
3949065aef Fix incorrect case in changelog entry
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
abb3af7826 Invert gate on printf attribute
Inverted the logic without thinking.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
3891caf1ce Misc review requested fixes
Style fixes and cast certain defines to size_t

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
21c62a2aed Raise level of -Wformat-truncation to 2
This was not possible earlier due to warnings, however now this seems to
be ok.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
3a5a107fa7 Correct fix for potential truncation
This was a false positive caused by the compiler seeing the %08lx
specifiers and judging the output on that, rather than the numbers being
fed in. Given these are going to be maximum 32 bit numbers, then better
to use %08x, which keeps -Wformat-truncation=2 happy as well.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
f8d733e49a Correct include guard for function __attribute
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
9e3256aead Adding printf format warning flags to makefiles
Add printf format warning flags that are supported by GCC 3.0 or later
to the makefiles

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
6f21e11265 Add Changelog entry
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
9f35211774 Fixes for invalid printf format specifiers
Fixes for printf format specifiers, where they have been flagged as
invalid sizes by coverity, and new build flags to enable catching these
errors when building using CMake. Note that this patch uses %zu, which
requires C99 or later.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
dd9e8f6dd0 Fix potential buffer overflow in printf
Printf could potentially produce 2 64 bit numbers here when there is
only space for one, thus causing a buffer overflow. This was caught by
the new warning flags.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
4e589701d8 Declare mbedtls_debug_print_msg as printf-like
We were not getting any warnings on printf format errors, as we do not
explicitly use printf anywhere in the code. Thankfully there is a way
to mark a function as having printf behaviour so that its inputs can be
checked in the same way as printf would be.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
ea32d55623 Add printf warning flags to CMake Build
Add extra printf warning flags into the cmake build, only adding those
that are supported by each version of the compiler

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
36f539d9b3 Remove deliberate fallthrough
Clang 11 has stopped using the old comment system to mark deliberate
fallthrough, and now demands marking of such with
__attribute(fallthrough). Given not every compiler supports such
attributes and these are the only two deliberate fallthrough cases in
the project at the minute, take the easy route and just remove the
fallthrough.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 16:19:46 +00:00
gabor-mezei-arm
9c3b5077e6
Update PSA_CIPHER_ENCRYPT_OUTPUT_SIZE
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-03-10 15:57:44 +01:00
Steven Cooreman
d50db945c4 Add hash acceleration driver testing
Test hash algorithm functions when called through a transparent
driver in all.sh test_psa_crypto_config_basic and
test_psa_crypto_drivers components.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:03:36 +01:00
Steven Cooreman
83f300e2f7 Restructure the hash driver content
Apply the right define guards for the right purpose. The 'core' hash
driver is included if any hash algorithm is either to be tested through
the test driver, or if it is requested by a user and not accelerated
(i.e. 'fallback'/'software' driver requested for the algorithm).

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
25555227e5 Rename hash test driver functions to match auto-naming scheme
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
d029b60770 Move test driver hash function declarations to software driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
4f7d0586e1 Setup internal dependency macros for software hash driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
0eeb794a2e Initialize status with CORRUPTION_DETECTED and update fallthrough
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
5adf52c72d Correctly void potentially unused arguments
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
b1777312da Make the driver context union a defined type
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
f763810e58 Add test driver for hash operations
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
c8288354a2 move hash update zero-length-input check back into the core
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
dbf8ceda54 Change the way driver context structures are used
Apparently there's a goal to make the PSA Crypto core free from
dynamic memory allocations. Therefore, all driver context structures
need to be known at compile time in order for the core to know their
final size.

This change defines & implements for hashing operations how the context
structures get defined.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
8e9e407fed Clarify documentation of internal hash software driver interface
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
1e58235d8b Dispatch hashing calls through the driver wrapper layer
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
84d670d20c Make psa_hash_compare go through hash_compute
It's more efficient when dealing with hardware drivers.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
0e307647e6 Split hashing operations out into an mbedTLS hash driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Manuel Pégourié-Gonnard
17605f072b
Merge pull request #4151 from ronald-cron-arm/psa-sign_verify-hash
PSA sign and verify hash rework
2021-03-10 10:08:50 +01:00
Dave Rodgman
1c4e78421e
Merge pull request #815 from ARMmbed/mbedtls-2.26.0-rc0-pr
Mbedtls 2.26.0 rc0 pr
2021-03-09 18:03:32 +00:00
paul-elliott-arm
0135516d55
Merge pull request #4203 from paul-elliott-arm/memsan_fix_build
Fix memsan build with Clang 11
2021-03-09 16:31:31 +00:00
Dave Rodgman
bfe754947c Bump version to 2.26.0
Executed ./scripts/bump_version.sh --version 2.26.0

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-03-09 16:09:18 +00:00
Paul Elliott
b05a59a550 Improve error message
Make sure line number reported is correct for the overly long line, and
change the message to be more readable.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-09 10:26:46 +00:00
Paul Elliott
cfa6a1e2e1 Remove changelog entry
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-09 10:26:36 +00:00
Dave Rodgman
74755e484c Update Changelog for 2.26.0
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-03-08 18:35:44 +00:00
Dave Rodgman
b4fe1053e4 Add missing changelog entry
Add missing changelog entry for 3698: Mark basic constraints critical
as appropriate.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-03-08 18:34:24 +00:00
Dave Rodgman
2d83ac100d Add a missing changelog entry
Add a missing changelog entry for #3996: Allow loading external wrapped
keys.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-03-08 18:34:16 +00:00
Dave Rodgman
5cce6a24d0 Merge branch 'development-restricted' into mbedtls-2.26.0-rc 2021-03-08 17:01:24 +00:00
Gilles Peskine
7ef23bee0e Documentation: fix \p names that diverged from the code
Fix places where Doxygen documentation uses \p to refer to a parameter
name and where the name used did not match the actual parameter name.

I used the following script to detect problematic cases:
```
perl -w -ne 'if (eof) { $. = 0; } if (m!^/\*\*!) { $in_doc = 1; %param = (); %p = (); } if (m!\*/!) { foreach $name (keys %p) { if (!$param{$name}) { foreach $line (@{$p{$name}}) { print "$ARGV:$line: $name\n" } } } $in_doc = 0; } if ($in_doc) { if (/\\param(?: *\[[^\[\]]*\])? +(\w+)/) { $param{$1} = 1; } foreach (/\\p +\*?(\w+)/) { push @{$p{$1}}, $.; } }' include/psa/*.h
```

This commits fixes all the remaining occurrences under include/psa,
which were just trivial name mismatches.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-08 17:26:31 +01:00